Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
File:                     HpPX4oqwueeUSHlGoProzW7VQHE.mft (raw, json)
Hash identifier:          aNyT8NSor3nAWkutBahvrdwUy2gCOJtlhEmnbT4AFII=
Subject key identifier:   C1:DA:0B:25:41:B0:52:86:BC:B4:81:F8:55:59:61:1A:C3:B6:B6:E8
Authority key identifier: 1E:93:D7:E2:8A:B0:B9:E7:94:48:79:46:A0:FA:E8:CD:6E:D5:40:71
Certificate issuer:       /CN=1e93d7e28ab0b9e794487946a0fae8cd6ed54071
Certificate serial:       019A70DC6B7DA4746DE707BE69D469AA2459
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
Manifest number:          B8
Signing time:             Tue 11 Nov 2025 03:01:24 +0000
Manifest this update:     Tue 11 Nov 2025 03:01:24 +0000
Manifest next update:     Wed 12 Nov 2025 03:01:24 +0000
Files and hashes:         1: HpPX4oqwueeUSHlGoProzW7VQHE.crl (hash: CLJIgUUtLOFE6i8WxLn0hJAsokBkIvwalND+Ola11m0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 03:01:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:70:dc:6b:7d:a4:74:6d:e7:07:be:69:d4:69:aa:24:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e93d7e28ab0b9e794487946a0fae8cd6ed54071
        Validity
            Not Before: Nov 11 03:01:24 2025 GMT
            Not After : Nov 12 03:01:24 2025 GMT
        Subject: CN=c1da0b2541b05286bcb481f85559611ac3b6b6e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9f:45:ad:3b:2e:40:2d:55:bd:42:3f:6b:50:
                    62:90:cc:a3:18:0e:64:06:11:40:1f:5f:c6:0c:f4:
                    d9:0c:86:53:77:21:28:aa:d3:67:db:6c:7a:9c:43:
                    a6:4d:88:5a:87:f9:66:14:68:62:68:67:98:80:92:
                    18:80:0a:d8:d2:ff:31:dd:f5:fb:b9:54:37:9c:2d:
                    5c:30:c1:2d:e3:81:f7:63:d0:b5:2b:e0:0a:61:bb:
                    4c:e7:b5:7f:5b:b2:39:8c:04:d8:fd:71:66:92:d9:
                    2a:28:93:9e:f6:01:48:17:f7:63:72:1c:74:75:86:
                    75:bb:4a:3d:21:af:f2:4c:99:b0:30:e1:d5:14:e6:
                    08:ff:6d:f3:a0:ed:55:05:a8:ec:19:9c:79:24:ea:
                    8c:37:88:68:88:e8:e5:5f:22:74:2f:7a:e6:4f:37:
                    81:94:c4:04:3c:61:46:34:f9:a2:bd:68:57:21:6e:
                    8a:ee:91:16:70:bb:dd:16:01:33:e3:55:53:00:5d:
                    75:aa:b5:6e:7d:c3:89:0c:12:a3:84:45:38:ae:3b:
                    28:26:69:43:a2:d9:c9:74:72:4b:54:7c:5e:04:0c:
                    8c:53:1a:b4:ba:a3:7f:de:a1:32:7c:e1:77:ac:b8:
                    06:d4:ae:32:a4:67:f3:76:62:95:8a:3f:95:b4:76:
                    23:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:DA:0B:25:41:B0:52:86:BC:B4:81:F8:55:59:61:1A:C3:B6:B6:E8
            X509v3 Authority Key Identifier:
                keyid:1E:93:D7:E2:8A:B0:B9:E7:94:48:79:46:A0:FA:E8:CD:6E:D5:40:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpPX4oqwueeUSHlGoProzW7VQHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87b214-ba8d-4df9-9ec9-1a16ef492034/1/HpPX4oqwueeUSHlGoProzW7VQHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:03:d3:b8:1e:d5:3f:e2:81:35:c4:de:7c:05:63:fd:4e:16:
         ff:4c:14:20:eb:98:31:a8:30:e7:ce:46:17:8e:ab:f7:6f:c9:
         1e:8e:f8:a5:dd:44:bf:d5:37:5d:06:fc:11:05:1a:7b:3a:a1:
         e2:56:2e:c2:b5:bb:f5:76:1c:1f:5e:3e:5a:0e:e0:f7:2b:a7:
         34:ed:c5:f1:26:83:75:dc:9f:6d:ce:7f:6e:18:a4:b2:3b:9f:
         a4:06:9a:c1:5a:08:8f:e4:7a:2c:8c:d6:4c:44:0b:60:82:50:
         61:c2:b9:b1:a5:c2:8e:db:12:58:71:21:19:51:1b:17:7a:e5:
         09:eb:45:a2:7a:8d:0b:26:1c:a3:d6:05:51:c3:22:6a:ce:eb:
         03:11:df:bb:b7:a0:bc:6f:a4:88:69:c5:ea:f3:08:6f:2a:b7:
         3a:5b:65:62:89:52:5f:05:33:3a:3b:de:0d:f4:0b:50:90:7b:
         65:95:5b:8f:e1:f6:56:f3:38:53:8d:29:c9:d0:46:b3:f6:cf:
         e6:f4:f3:27:ae:45:d7:61:df:f3:ff:dc:d2:48:cc:7d:3f:c6:
         d2:2e:db:c4:1d:fc:78:52:9b:55:30:42:e6:e6:6f:51:74:4a:
         50:bd:bd:51:a5:20:71:d8:20:79:0a:ba:d0:f1:68:56:2a:2b:
         c0:c9:73:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3Gt9pHRt5we+adRpqiRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTNkN2UyOGFiMGI5ZTc5NDQ4Nzk0NmEwZmFlOGNkNmVk
NTQwNzEwHhcNMjUxMTExMDMwMTI0WhcNMjUxMTEyMDMwMTI0WjAzMTEwLwYDVQQD
EyhjMWRhMGIyNTQxYjA1Mjg2YmNiNDgxZjg1NTU5NjExYWMzYjZiNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw59FrTsuQC1VvUI/a1BikMyjGA5k
BhFAH1/GDPTZDIZTdyEoqtNn22x6nEOmTYhah/lmFGhiaGeYgJIYgArY0v8x3fX7
uVQ3nC1cMMEt44H3Y9C1K+AKYbtM57V/W7I5jATY/XFmktkqKJOe9gFIF/djchx0
dYZ1u0o9Ia/yTJmwMOHVFOYI/23zoO1VBajsGZx5JOqMN4hoiOjlXyJ0L3rmTzeB
lMQEPGFGNPmivWhXIW6K7pEWcLvdFgEz41VTAF11qrVufcOJDBKjhEU4rjsoJmlD
otnJdHJLVHxeBAyMUxq0uqN/3qEyfOF3rLgG1K4ypGfzdmKVij+VtHYjrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMHaCyVBsFKGvLSB+FVZYRrDtrboMB8GA1UdIwQY
MBaAFB6T1+KKsLnnlEh5RqD66M1u1UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84N2IyMTQtYmE4ZC00ZGY5LTllYzkt
MWExNmVmNDkyMDM0LzEvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84N2IyMTQtYmE4ZC00ZGY5LTllYzktMWExNmVmNDkyMDM0
LzEvSHBQWDRvcXd1ZWVVU0hsR29Qcm96VzdWUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfgPTuB7V
P+KBNcTefAVj/U4W/0wUIOuYMagw585GF46r92/JHo74pd1Ev9U3XQb8EQUaezqh
4lYuwrW79XYcH14+Wg7g9yunNO3F8SaDddyfbc5/bhiksjufpAaawVoIj+R6LIzW
TEQLYIJQYcK5saXCjtsSWHEhGVEbF3rlCetFonqNCyYco9YFUcMias7rAxHfu7eg
vG+kiGnF6vMIbyq3OltlYolSXwUzOjveDfQLUJB7ZZVbj+H2VvM4U40pydBGs/bP
5vTzJ65F12Hf8//c0kjMfT/G0i7bxB38eFKbVTBC5uZvUXRKUL29UaUgcdggeQq6
0PFoViorwMlzGw==
-----END CERTIFICATE-----